From: syzbot <syzbot+17cc9bb6d8d69b4139f0@syzkaller.appspotmail.com>
To: ekffu200098@gmail.com, linux-kernel@vger.kernel.org,
syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [hfs?] kernel BUG in hfs_new_inode
Date: Thu, 23 Oct 2025 08:30:03 -0700
Message-ID: <68fa49fb.050a0220.346f24.007e.GAE@google.com>
In-Reply-To: <CABFDxMHe8Ewe9BcnH-wiSpAzFQR2Nyu=Ek+Xqp0Ockjp4r4wtg@mail.gmail.com>

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
kernel BUG in hfs_new_inode
loop0: detected capacity change from 0 to 64
hfs: unable to locate alternate MDB
hfs: continuing without an alternate MDB
------------[ cut here ]------------
kernel BUG at fs/hfs/inode.c:222!
Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
CPU: 0 UID: 0 PID: 6697 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
RIP: 0010:hfs_new_inode+0xbc4/0xbd0 fs/hfs/inode.c:222
Code: 89 f1 80 e1 07 fe c1 38 c1 0f 8c 15 fa ff ff 4c 89 f7 e8 0f 6d 8b ff e9 08 fa ff ff e8 c5 b5 29 ff 90 0f 0b e8 bd b5 29 ff 90 <0f> 0b e8 b5 b5 29 ff 90 0f 0b 66 90 90 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc90003b37848 EFLAGS: 00010293
RAX: ffffffff829557c3 RBX: ffff88803a419748 RCX: ffff888026245a00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000004 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: ffffed1004f94608 R12: ffff888027ca3000
R13: 1ffff110068414f3 R14: 0000000100000000 R15: ffff88803a419748
FS: 00007f166458e6c0(0000) GS:ffff888126bc2000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b31463fff CR3: 000000003ad7a000 CR4: 00000000003526f0
Call Trace:
<TASK>
hfs_create+0x2a/0xe0 fs/hfs/dir.c:198
lookup_open fs/namei.c:3796 [inline]
open_last_lookups fs/namei.c:3895 [inline]
path_openat+0x1500/0x3840 fs/namei.c:4131
do_filp_open+0x1fa/0x410 fs/namei.c:4161
do_sys_openat2+0x121/0x1c0 fs/open.c:1437
do_sys_open fs/open.c:1452 [inline]
__do_sys_openat fs/open.c:1468 [inline]
__se_sys_openat fs/open.c:1463 [inline]
__x64_sys_openat+0x138/0x170 fs/open.c:1463
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f1664f1efc9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f166458e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f1665175fa0 RCX: 00007f1664f1efc9
RDX: 0000000000000042 RSI: 00002000000002c0 RDI: ffffffffffffff9c
RBP: 00007f1664fa1f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000058 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f1665176038 R14: 00007f1665175fa0 R15: 00007ffeb72a90b8
</TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:hfs_new_inode+0xbc4/0xbd0 fs/hfs/inode.c:222
Code: 89 f1 80 e1 07 fe c1 38 c1 0f 8c 15 fa ff ff 4c 89 f7 e8 0f 6d 8b ff e9 08 fa ff ff e8 c5 b5 29 ff 90 0f 0b e8 bd b5 29 ff 90 <0f> 0b e8 b5 b5 29 ff 90 0f 0b 66 90 90 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc90003b37848 EFLAGS: 00010293
RAX: ffffffff829557c3 RBX: ffff88803a419748 RCX: ffff888026245a00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000004 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: ffffed1004f94608 R12: ffff888027ca3000
R13: 1ffff110068414f3 R14: 0000000100000000 R15: ffff88803a419748
FS: 00007f166458e6c0(0000) GS:ffff888126bc2000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b31463fff CR3: 000000003ad7a000 CR4: 00000000003526f0
Tested on:
commit: 43e9ad0c Merge tag 'scsi-fixes' of git://git.kernel.or..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=128eb734580000
kernel config: https://syzkaller.appspot.com/x/.config?x=216353986aa62c5d
dashboard link: https://syzkaller.appspot.com/bug?extid=17cc9bb6d8d69b4139f0
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
patch: https://syzkaller.appspot.com/x/patch.diff?x=14dd5b04580000